New subject: fresh ovirt node 4.4.6 fail on firewalld both host and engine deployment

Wednesday, 12 May 2021

Hello -

Deployed fresh ovirt node 4.4.6 and the only thing I did to the system was
configure the NIC with nmtui

During the gluster install the install errored out with

gluster-deployment-1620832547044.log:failed: [n2] (item=5900/tcp) =>
{"ansible_loop_var": "item", "changed": false,
"item": "5900/tcp", "msg":
"ERROR: Exception caught: org.fedoraproject.FirewallD1.Exception:
ALREADY_ENABLED: '5900:tcp' already in 'public' Permanent and
Non-Permanent(immediate) operation"}

The fix here was easy - I just deleted the port it was complaining about
with firewall-cmd and restarted the installation and it was all fine

During the hosted engine deployment when the VM is being deployed it dies
here

[ INFO ] TASK [ovirt.ovirt.hosted_engine_setup : Open a port on firewalld]
[ ERROR ] fatal: [localhost]: FAILED! => {"changed": false, "msg":
"ERROR:
Exception caught: org.fedoraproject.FirewallD1.Exception: ALREADY_ENABLED:
'6900:tcp' already in 'public' Non-permanent operation"}

Now the issue here is that I do not have access to the engine VM as it is
in a bit of a transient state since when it fails the current image that is
open is discarded when the ansible playbook is kicked off again

I cannot find any BZ on this and google is turning up nothing. I don't
think firewalld failing due to the firewall rule already existing should be
a reason to exit the installation

The interesting part is that this only fails on certain ports. i.e when I
reran the gluster wizard after 5900 failed, the other ports are presumably
still added to the firewall, and the installation completes

Suggestions?

-- 
*Notice to Recipient*: https://www.fixflyer.com/disclaimer 
<https://www.fixflyer.com/disclaimer>

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

fresh ovirt node 4.4.6 fail on firewalld both host and engine deployment